The latest changes and updates from the administration for this exam.
Latest Update: Jun 22 2026
All questions are working fine.
Correct AnswerA
A is correct: Exploitation occurs when an attacker successfully takes advantage of a vulnerability or user action to execute malicious code or gain unauthorized access to a system. In this scenario, the employee clicked a spear-phishing link, which likely delivered a malicious payload or redirected the user to an exploit that compromised the workstation or credentials. The logs indicate that PAM was not bypassed, DLP did not detect data movement, and antivirus signatures were current, suggesting the breach resulted from exploiting a user action rather than privilege abuse or data theft mechanisms. Therefore, exploitation of the spear-phishing link is the most likely initial event that led to access to the secure server.
B is incorrect: Exfiltration refers to the unauthorized transfer of sensitive data outside the organization. If exfiltration had occurred, monitoring systems such as DLP would likely detect or alert on suspicious outbound data transfers. Since the logs explicitly indicate that DLP did not trigger alerts and the scenario focuses on how the breach occurred rather than data being removed, exfiltration is not the most likely explanation.
C is incorrect: Privilege escalation occurs when an attacker gains higher-level permissions than initially granted, such as moving from a standard user account to administrative privileges. However, the investigation states that Privileged Access Management (PAM) had not been bypassed, indicating that privileged accounts or elevation mechanisms were not compromised. Therefore, privilege escalation is unlikely to be the primary event responsible for the breach.
D is incorrect: Lateral movement refers to attackers moving within a network from one compromised system to other systems to expand their access. While lateral movement could occur later in an attack lifecycle, the scenario specifically focuses on the initial breach and the role of the spear-phishing link. Because there is no evidence presented indicating movement between internal systems, lateral movement is not the most likely event that explains the breach.
Correct AnswerB
A is incorrect: Static VLAN assignmentis a network segmentation technique used to place devices into predetermined network segments. While segmentation can limit lateral movement in a network, it does not monitor endpoint processes or detect malicious scripting activity such as PowerShell abuse. Therefore, it does not provide visibility into endpoint-level command execution.
B is correct: Endpoint Detection and Response (EDR) telemetry provides detailed visibility into endpoint activity, including process execution, command-line arguments, script execution, and behavioral indicators. EDR solutions can monitor PowerShell activity, detect suspicious command patterns, and correlate events such as encoded commands, privilege escalation, or attempts to bypass security controls. CASP security operations guidance highlights endpoint monitoring and behavioral telemetry as key capabilities for identifying malicious activity occurring directly on host systems.
C is incorrect: Load balancingdistributes incoming traffic across multiple servers to improve performance and availability. Although important for scalability and resilience of services, load balancing operates at the network or application delivery layer and does not provide visibility into endpoint scripting activity or command execution.
D is incorrect: NAT exemptionallows certain network traffic to bypass Network Address Translation rules. This configuration is typically used for VPNs or specific routing scenarios but has no relationship to detecting malicious PowerShell activity on endpoints.
Correct AnswerB
A is incorrect: Adversarial training is a defensive machine learning technique used to improve model robustness. In this approach, models are trained using adversarially generated inputs so they learn to resist manipulation attempts. It is a mitigation strategy rather than an attack technique. Because the scenario describes attackers crafting prompts to manipulate the model into revealing confidential information, adversarial training would be a potential countermeasure rather than the threat itself.
B is correct: Prompt injection is the correct answer because it occurs when attackers craft specially designed prompts to manipulate the behavior of a generative AI model. In these attacks, the adversary attempts to bypass safeguards, override system instructions, or trick the model into revealing sensitive information contained in its context or accessible knowledge sources. The scenario describes crafted prompts causing the model to disclose confidential internal documentation, which directly aligns with prompt injection attacks targeting generative AI systems.
C is incorrect: Data poisoning involves manipulating the training dataset used to build a machine learning model by injecting malicious or misleading data. The goal is to influence the model’s behavior during training so that it produces incorrect or biased outputs during operation. In the scenario, the issue arises from malicious inputs at inference time rather than from tampering with the training data. Since attackers are exploiting prompts rather than corrupting training datasets, data poisoning is not the best answer.
D is incorrect: Model inversion attacks attempt to reconstruct or infer sensitive information about the training data by repeatedly querying a machine learning model and analyzing its outputs. This technique focuses on extracting underlying training data characteristics rather than manipulating the model’s instructions. In the scenario, attackers are crafting prompts to override guardrails and reveal confidential information during interaction, which aligns with prompt injection rather than model inversion.
Correct AnswerB
A is incorrect: Client-side processing involves performing validation or logic within the user’s browser or application before sending data to the server. While this may improve user experience and reduce server load, it does not provide reliable security protection. Attackers can bypass client-side validation by modifying requests directly. Because the vulnerability originates in the server-side construction of a SQL query using user input, client-side processing would not effectively mitigate the risk.
B is correct: Query parameterization (also known as prepared statements) separates user input from SQL query logic. Instead of concatenating input directly into the query string, parameters are passed to the database engine in a way that ensures they are treated strictly as data rather than executable SQL commands. This approach prevents attackers from injecting malicious SQL statements into queries. Since the example code directly concatenates the ItemID request parameter into the SQL query, implementing parameterized queries is the most effective mitigation strategy.
C is incorrect: Data normalization refers to organizing data in a database to reduce redundancy and improve data integrity, typically by dividing data into related tables and establishing relationships between them. While normalization improves database design and consistency, it does not address injection vulnerabilities caused by unsafe handling of user input in SQL queries. Therefore, it would not mitigate the issue identified in the code snippet.
D is incorrect: Escape character blocking attempts to prevent SQL injection by filtering or removing specific characters such as quotes or semicolons from user input. However, this approach is unreliable because attackers can often bypass filtering mechanisms using encoding techniques or alternative payloads. Security best practices recommend using parameterized queries rather than relying on input filtering alone to prevent injection attacks.
E is incorrect: URL encoding converts special characters in URLs into a format that can be safely transmitted over HTTP. While encoding helps ensure that data is correctly interpreted during web requests, it does not prevent SQL injection vulnerabilities within server-side database queries. Even if the input is URL encoded, the underlying SQL statement could still be manipulated if the application directly concatenates the input into the query.
Correct AnswerA
A is correct: A SOC 2 Type II report provides an attestation that an organization’s security, availability, processing integrity, confidentiality, or privacy controls were tested and operated effectively over a defined period of time, typically six months to a year. This report is issued by an independent auditor and includes both the design of controls (Type I) and evidence that the controls functioned properly throughout the reporting period (Type II). Therefore, it is the best option for providing proof of effective control operation over time.
B is incorrect: A penetration test report documents the results of a simulated attack on systems at a specific point in time. While it identifies vulnerabilities and weaknesses, it does not provide evidence that controls operated effectively over an extended period. Penetration tests are point-in-time assessments rather than longitudinal evaluations.
C is incorrect: A vulnerability scan summary shows the results of automated scans for known vulnerabilities on systems. Similar to penetration testing, these scans provide a snapshot of security posture at a single moment and do not provide evidence of control effectiveness over a defined period.
D is incorrect: An acceptable use policy outlines rules and guidelines for users’ behavior and system usage. While it supports governance and compliance, it does not provide evidence of controls operating effectively over time. It is a policy document, not an audit or attestation report.
Correct AnswerC
A is incorrect: An email client can be a common attack vector, particularly through phishing attachments or malicious links. However, in this scenario the administrator has direct administrative access to the SSO web portal, meaning compromise of credentials through browser-based sessions would have a more immediate and severe impact. While the email client vulnerability is important, it is not the most direct pathway to compromising the administrator’s privileged access to the SSO system.
B is incorrect: An offline password manager vulnerability could expose stored credentials if the attacker already has access to the system. However, since it is offline, exploitation generally requires local system compromise or access to the password vault itself. Compared to a browser vulnerability that could be exploited through web-based attacks targeting SSO sessions, the password manager is not the most immediate risk in this scenario.
C is correct: The browser should be patched first because it is the primary interface used to access the SSO web portal and other web-based administrative services. CASP+ risk prioritization guidance emphasizes evaluating both vulnerability severity and exposure. Since the administrator uses the browser to authenticate to the organization’s SSO system with privileged access, a browser vulnerability could allow attackers to hijack sessions, steal credentials, or execute malicious scripts. This makes the browser the highest-priority remediation target among the identified vulnerabilities.
D is incorrect: Operating system vulnerabilities can be severe and may allow privilege escalation or system compromise. However, patching priority should consider the most likely attack vector and exposure level. In this case, the administrator’s browser is directly used to access the SSO portal, making it a more immediate pathway for compromise. Therefore, while OS patching remains important, the browser represents the higher priority risk in this context.
Correct AnswerB
A is incorrect: A. RACI matrix. A RACI matrix is a project governance tool used to define roles and responsibilities within a process or project. The acronym stands for Responsible, Accountable, Consulted, and Informed. It helps clarify who performs tasks and who is responsible for outcomes, improving accountability and communication within teams. However, a RACI matrix does not evaluate whether systems or processes comply with internal policies, regulatory requirements, or security standards. Therefore, it is not designed to assess compliance.
B is correct: B. Audit report. This is the correct answer because an audit report documents the results of a formal evaluation of an organization’s controls, processes, or systems against defined internal policies, regulatory requirements, or industry standards. During an audit, auditors examine evidence, test controls, and determine whether the organization complies with applicable requirements. The resulting audit report summarizes findings, identifies control deficiencies, and provides recommendations for remediation. Consequently, audit reports are specifically used to assess and document compliance with both internal and external requirements.
C is incorrect: C. After-action report.An after-action report is typically created following an incident, exercise, or event to evaluate performance and identify lessons learned. It analyzes what occurred, what worked well, and what improvements should be made in future responses. While it may highlight procedural or operational issues, its primary purpose is operational improvement rather than verifying compliance with regulatory or policy requirements. Therefore, it does not serve as a formal compliance assessment mechanism.
D is incorrect: D. Business continuity plan. A business continuity plan (BCP) is a strategic document outlining procedures to maintain critical business operations during disruptive events such as disasters, cyber incidents, or infrastructure failures. The BCP focuses on maintaining availability and operational resilience through recovery strategies and continuity procedures. Although it may be subject to compliance audits or regulatory requirements, the BCP itself is not a mechanism used to assess compliance. Instead, it is a preparedness and recovery planning document.
Select all that apply
Correct AnswersA, B
A is correct: Blocking foreign IP addresses from accessing the website is an implementation of geo-blocking. Since the company only serves U.S.-based customers, restricting access from the foreign country reduces exposure to unauthorized traffic and attack attempts originating from that region. This control still allows the organization to define specific exceptions through controlled access methods. CASP architecture guidance emphasizes reducing attack surface by restricting access based on location when business requirements permit.
B is correct: Having the developers use the company’s VPN allows authorized personnel in the foreign country to securely access internal systems while still enforcing the geo-blocking policy for normal public internet traffic. By connecting through a VPN, the developers authenticate to the organization and appear as trusted internal users, allowing their access while maintaining geographic restrictions on general traffic. VPN tunneling also encrypts the connection and protects development activity across untrusted networks.
C is incorrect: Implementing a Web Application Firewall (WAF)protects the web application by filtering malicious HTTP/HTTPS traffic and preventing attacks such as SQL injection or cross-site scripting. However, a WAF does not specifically solve the requirement to block traffic by geographic region while allowing limited developer access from that region.
D is incorrect: Giving developers access to a jump box can provide controlled administrative access to internal systems, but it does not address the primary requirement of blocking public internet traffic from a specific country. While a jump box may enhance access security, it does not implement the geographic restriction itself.
E is incorrect: Employing a reverse proxy for the developerswould help distribute or filter traffic to backend servers, but it does not directly enforce geographic access restrictions nor provide secure authenticated developer access in the way a VPN does.
F is incorrect: Using NAT to enable access for the developerstranslates private addresses to public addresses for routing purposes. NAT does not provide authentication, geographic filtering, or secure remote access capabilities. Therefore, it does not help meet the objective described.
Correct AnswerC
A is incorrect: Network Access Control (NAC) enforces policies that determine whether devices are allowed to connect to a network based on security posture, identity, or configuration compliance. NAC can restrict unauthorized endpoints from joining a network and can enforce segmentation policies. While NAC supports the requirement that systems connect only to authorized endpoints, it does not directly address the need for controlled administrative access to a restricted environmentthat handles sensitive data. Privileged users still require a secure intermediary system that isolates their workstations from the sensitive environment. Therefore, NAC alone does not fully meet the compliance requirement described.
B is incorrect: File Integrity Monitoring (FIM)detects unauthorized changes to files, configurations, or system binaries. FIM is commonly used to identify tampering with critical system files or unauthorized modifications within sensitive environments. Although this control improves monitoring and detection capabilities, it does not address the requirement that privileged users must access the environment only through controlled and authorized endpoints while maintaining strict need-to-know access restrictions. Because the requirement focuses on controlled access paths rather than monitoring file changes, FIM does not provide the appropriate solution.
C is correct: A jump box in the screened subnet is the correct solution because it provides a controlled and monitored access point for privileged users to reach sensitive environments. A jump box (or bastion host) acts as an intermediary system that administrators must connect to before accessing protected systems. By placing the jump box in a screened subnet (DMZ-like network segment), organizations can enforce strict authentication, logging, monitoring, and data loss prevention policies. This architecture ensures that privileged users do not connect directly from their workstations to sensitive systems, thereby maintaining need-to-know restrictions and limiting connections to authorized endpoints. It also allows the organization to apply DLP controls and monitoring within the controlled environment while maintaining compliance with security policies.
D is incorrect: A general VPN solution to the primary networkprovides encrypted remote connectivity but does not sufficiently restrict access to sensitive environments or enforce strict need-to-know segmentation. VPNs typically grant network-level access to internal resources once authentication is successful. This broad access model may allow privileged users to reach systems beyond the intended environment and does not enforce a controlled administrative gateway. Because the requirement specifies restricted connectivity and controlled access to sensitive environments, a general VPN solution alone would not provide the necessary level of segmentation and oversight.
Correct AnswerA
A is correct: Machine learning systems rely heavily on large datasets to train models and generate analytic outputs for decision support. A common threat against these systems is data poisoning, where an attacker intentionally injects incorrect or manipulated data into the dataset. By overloading the system with false or misleading information, the attacker can influence the model’s training process or decision outcomes, resulting in incorrect predictions or recommendations. Because the system described correlates analytic information for decision support, manipulating the underlying data directly affects the reliability of the model. Therefore, introducing incorrect information represents a significant and realistic threat to this type of system.
B is incorrect: Password spraying is an authentication attack in which an attacker attempts to access accounts by trying commonly used passwords across many usernames. While this attack targets authentication mechanisms, it is not specific to machine learning systems or analytic platforms. The scenario focuses on threats unique to systems that process analytic data and produce machine learning outcomes, making password spraying less relevant to the core threat model described.
C is incorrect: Server-side request forgery (SSRF) occurs when an attacker manipulates a server to send unintended requests to internal or external resources. SSRF vulnerabilities are typically associated with web applications that fetch remote resources based on user input. Although SSRF can affect many systems, it is not specifically related to the operation or integrity of machine learning models that rely on large datasets and analytics processing.
D is incorrect: Unauthorized data disclosure due to an authorization error represents an access control weakness where users gain access to information they should not be able to view. While this is a common security concern in many systems, the threat model described focuses on the integrity and reliability of analytic outputs produced by machine learning. Data poisoning or manipulation of input data presents a more direct and relevant threat to this type of system than traditional authorization failures.
